This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:LIBFLAC-VORBIS-CMT
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
FLAC Project libFLAC VORBIS Comment String Size Buffer Overflow
|
Release Date |
2010/10/19
|
Update Number |
1794
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: FLAC Project libFLAC VORBIS Comment String Size Buffer Overflow
This signature detects attempts to exploit a known heap memory overflow vulnerability in FLAC library embedded and used by various products. It is due to boundary errors when processing Free Lossless Audio Codec (FLAC) audio files. A remote attacker can exploit this by enticing the target user to open a crafted FLAC audio file. A successful attack can lead to arbitrary code execution in the security context of the affected application, normally using the privileges of the logged in user. The behavior of the target host is entirely dependent on the intended function of the injected code. In an unsuccessful attack, the application that processes the malicious FLAC file terminates abnormally.
Extended Description
FLAC (Free Lossless Audio Codec) is prone to multiple remote integer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before allocating memory.
Remote attackers may exploit these issues by enticing victims into opening maliciously crafted FLAC files.
An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
FLAC 1.2.0 is vulnerable; other versions may also be affected.
NOTE: Applications that include the affected libFLAC library are also affected.
Affected Products
- Avaya intuity_audix_lx 2.0
- Avaya message_networking 3.1
- Avaya message_networking MN 3.1
- Avaya messaging_storage_server 3.1
- Avaya messaging_storage_server MM3.0
- Debian linux 3.1.0
- Debian linux 3.1.0 Alpha
- Debian linux 3.1.0 Amd64
- Debian linux 3.1.0 Arm
- Debian linux 3.1.0 Hppa
- Debian linux 3.1.0 Ia-32
- Debian linux 3.1.0 Ia-64
- Debian linux 3.1.0 M68k
- Debian linux 3.1.0 Mips
- Debian linux 3.1.0 Mipsel
- Debian linux 3.1.0 Ppc
- Debian linux 3.1.0 S/390
- Debian linux 3.1.0 Sparc
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Flac flac 1.2.0
- Gentoo linux
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva linux_mandrake 2007.0
- Mandriva linux_mandrake 2007.0 X86 64
- Mandriva linux_mandrake 2007.1
- Mandriva linux_mandrake 2007.1 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Nullsoft winamp 5.35
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_ws 4
- Red_hat fedora Core7
- Rpath rpath_linux 1
- Suse linux 10.0 Ppc
- Suse linux 10.0 X86
- Suse linux 10.0 X86-64
- Suse linux 10.1 Ppc
- Suse linux 10.1 X86
- Suse linux 10.1 X86-64
- Suse linux_desktop 10
- Suse linux_personal 10.0.0 OSS
- Suse linux_personal 10.1
- Suse linux_personal 10.2
- Suse linux_personal 10.2 X86 64
- Suse linux_professional 10.0.0
- Suse linux_professional 10.0.0 OSS
- Suse linux_professional 10.1
- Suse linux_professional 10.2
- Suse linux_professional 10.2 X86 64
- Suse novell_linux_desktop 9.0.0
- Suse novell_linux_pos 9
- Suse open-enterprise-server
- Suse opensuse 10.2
- Suse opensuse 10.3
- Suse suse_linux_enterprise_desktop 10
- Suse suse_linux_enterprise_desktop 10 SP1
- Suse suse_linux_enterprise_sdk 10
- Suse suse_linux_enterprise_sdk 10.SP1
- Suse suse_linux_enterprise_server 10
- Suse suse_linux_enterprise_server 10 SP1
- Suse suse_linux_enterprise_server 8
- Suse suse_linux_enterprise_server 9
- Suse suse_linux_openexchange_server 4.0.0
- Suse suse_linux_retail_solution 8.0.0
- Suse suse_linux_school_server_for_i386
- Suse suse_linux_standard_server 8.0.0
- Suse unitedlinux 1.0.0
- Ubuntu ubuntu_linux 6.06 LTS Amd64
- Ubuntu ubuntu_linux 6.06 LTS I386
- Ubuntu ubuntu_linux 6.06 LTS Powerpc
- Ubuntu ubuntu_linux 6.06 LTS Sparc
- Ubuntu ubuntu_linux 6.10 Amd64
- Ubuntu ubuntu_linux 6.10 I386
- Ubuntu ubuntu_linux 6.10 Powerpc
- Ubuntu ubuntu_linux 6.10 Sparc
- Ubuntu ubuntu_linux 7.04 Amd64
- Ubuntu ubuntu_linux 7.04 I386
- Ubuntu ubuntu_linux 7.04 Powerpc
- Ubuntu ubuntu_linux 7.04 Sparc
- Ubuntu ubuntu_linux 7.10 Amd64
- Ubuntu ubuntu_linux 7.10 I386
- Ubuntu ubuntu_linux 7.10 Powerpc
- Ubuntu ubuntu_linux 7.10 Sparc
- Videolan vlc_media_player 0.8.6
- Videolan vlc_media_player 0.8.6A
- Videolan vlc_media_player 0.8.6B
- Videolan vlc_media_player 0.8.6C
References